REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'sp1d3rs'
68
b'someonenobbd'
62
b'nyymi'
53
b'jon_bottarini'
49
b'haxta4ok00'
48
b'netfuzzer'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'HackerOne'
disclosed a bug submitted by
b'ahacker1'
b'New Search Feature: Search for non-public words in limited disclosure reports'
25 Oct 2023
b'EXNESS'
disclosed a bug submitted by
b'null_hypothesis'
b'Blind SSRF on https://my.exnessaffiliates.com/ allows for internal network enumeration'
25 Oct 2023
b'HackerOne'
disclosed a bug submitted by
b'xdemiray'
b'Hacker email disclosed on submission at hackerone hactivity'
24 Oct 2023
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'gu4rdianbyte'
b'Information Disclosure FrontPage Configuration Information'
20 Oct 2023
b'Mozilla Critical Services'
disclosed a bug submitted by
b'limusec'
b'After the upload of an private file, using transformations, the file becomes public without the possibility of changing it.'
20 Oct 2023
b'Mozilla Core Services'
disclosed a bug submitted by
b'avram'
b'HTML Injection at https://stage.firefoxmonitor.nonprod.cloudops.mozgcp.net/user/unsubscribe'
20 Oct 2023
b'Nextcloud'
disclosed a bug submitted by
b'bhmth'
b'Responsive Server-side Request Forgery (SSRF)'
19 Oct 2023
b'LinkedIn'
disclosed a bug submitted by
b'domg'
b'Deny Admin from Editing LinkedIn Company Page using Gen Form Visibility via POST /voyager/api/voyagerOrganizationDashCompanies/{id}'
19 Oct 2023
b'HackerOne'
disclosed a bug submitted by
b'rynexx'
b'Hackers two email disclosed on submission at hackerone hactivity'
18 Oct 2023
b'LinkedIn'
disclosed a bug submitted by
b'domg'
b'HTML injection at Company Name or Product Name and can be shown on Contact Sales form'
18 Oct 2023
b'8x8'
disclosed a bug submitted by
b'mr-k0anti'
b'Open Redirect - Polycom Company Directory'
17 Oct 2023
b'Nextcloud'
disclosed a bug submitted by
b'shuvam321'
b'Inviting excessive long email addresses to a calendar event makes the server unresponsive'
16 Oct 2023
b'curl'
disclosed a bug submitted by
b'shelldoit'
b'[Critical] Curl CVE-2023-38545 vulnerability code changes are disclosed on the internet'
16 Oct 2023
b'ImpressCMS'
disclosed a bug submitted by
b'd3addog'
b'CSRF to XSS in /htdocs/modules/system/admin.php'
14 Oct 2023
b'Khan Academy'
disclosed a bug submitted by
b'tomh'
b'Client Side string length check'
14 Oct 2023
b'Node.js'
disclosed a bug submitted by
b'tniessen'
b'Path traversal through path stored in Uint8Array'
13 Oct 2023
b'Node.js'
disclosed a bug submitted by
b'tniessen'
b'Permission model improperly protects against path traversal'
13 Oct 2023
b'Node.js'
disclosed a bug submitted by
b'tniessen'
b'Integrity checks according to policies can be circumvented'
13 Oct 2023
b'Mozilla Core Services'
disclosed a bug submitted by
b'aliend89'
b'Exposing Django Debug Panel and Sensitive Infrastructure Information at https://dev.fxprivaterelay.nonprod.cloudops.mozgcp.net'
13 Oct 2023
b'Mozilla Core Services'
disclosed a bug submitted by
b'holybugx'
b'Subdomain takeover on one of the subdomain under mozaws.net'
13 Oct 2023
1
...
3
4
5
6
7
...
680
BY DENIS WERNER - @NOBBD -
IMPRESSUM
